Add pre install/uninstall checks to planners (#561)

* Add pre install/uninstall checks to planners

* Refine checks

* fmt

* Make sure checks run before install/uninstall described as well

* Make nix-darwin error expected

* Fix import

* Fix import

* Report expected errors properly

* format
This commit is contained in:
Ana Hobden 2023-07-12 09:08:42 -07:00 committed by GitHub
parent d076888f88
commit 80026e1e2f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 151 additions and 20 deletions

View file

@ -304,7 +304,7 @@ impl Action for CreateUser {
Some(40) if stderr.contains("-14120") => { Some(40) if stderr.contains("-14120") => {
// The user is on an ephemeral Mac, like detsys uses // The user is on an ephemeral Mac, like detsys uses
// These Macs cannot always delete users, as sometimes there is no graphical login // These Macs cannot always delete users, as sometimes there is no graphical login
tracing::warn!("Encountered an exit code 40 with -14120 error while removing user, this is likely because the initial executing user did not have a secure token, or that there was no graphical login session. To delete the user, log in graphically, then run `/usr/bin/dscl . -delete /Users/{}", self.name); tracing::warn!("Encountered an exit code 40 with -14120 error while removing user, this is likely because the initial executing user did not have a secure token, or that there was no graphical login session. To delete the user, log in graphically, then run `/usr/bin/dscl . -delete /Users/{}`", self.name);
}, },
_ => { _ => {
// Something went wrong // Something went wrong

View file

@ -100,7 +100,7 @@ impl Action for DeleteUser {
Some(40) if stderr.contains("-14120") => { Some(40) if stderr.contains("-14120") => {
// The user is on an ephemeral Mac, like detsys uses // The user is on an ephemeral Mac, like detsys uses
// These Macs cannot always delete users, as sometimes there is no graphical login // These Macs cannot always delete users, as sometimes there is no graphical login
tracing::warn!("Encountered an exit code 40 with -14120 error while removing user, this is likely because the initial executing user did not have a secure token, or that there was no graphical login session. To delete the user, log in graphically, then run `/usr/bin/dscl . -delete /Users/{}", self.name); tracing::warn!("Encountered an exit code 40 with -14120 error while removing user, this is likely because the initial executing user did not have a secure token, or that there was no graphical login session. To delete the user, log in graphically, then run `/usr/bin/dscl . -delete /Users/{}`", self.name);
}, },
_ => { _ => {
// Something went wrong // Something went wrong

View file

@ -199,6 +199,14 @@ impl CommandExecute for Install {
(Some(_), Some(_)) => return Err(eyre!("`--plan` conflicts with passing a planner, a planner creates plans, so passing an existing plan doesn't make sense")), (Some(_), Some(_)) => return Err(eyre!("`--plan` conflicts with passing a planner, a planner creates plans, so passing an existing plan doesn't make sense")),
}; };
if let Err(err) = install_plan.pre_install_check().await {
if let Some(expected) = err.expected() {
eprintln!("{}", expected.red());
return Ok(ExitCode::FAILURE);
}
Err(err)?
}
if !no_confirm { if !no_confirm {
let mut currently_explaining = explain; let mut currently_explaining = explain;
loop { loop {

View file

@ -113,6 +113,14 @@ impl CommandExecute for Uninstall {
.wrap_err("Reading receipt")?; .wrap_err("Reading receipt")?;
let mut plan: InstallPlan = serde_json::from_str(&install_receipt_string)?; let mut plan: InstallPlan = serde_json::from_str(&install_receipt_string)?;
if let Err(err) = plan.pre_uninstall_check().await {
if let Some(expected) = err.expected() {
eprintln!("{}", expected.red());
return Ok(ExitCode::FAILURE);
}
Err(err)?
}
if !no_confirm { if !no_confirm {
let mut currently_explaining = explain; let mut currently_explaining = explain;
loop { loop {

View file

@ -53,6 +53,9 @@ impl InstallPlan {
#[cfg(feature = "diagnostics")] #[cfg(feature = "diagnostics")]
let diagnostic_data = Some(planner.diagnostic_data().await?); let diagnostic_data = Some(planner.diagnostic_data().await?);
// Some Action `plan` calls may fail if we don't do these checks
planner.pre_install_check().await?;
let actions = planner.plan().await?; let actions = planner.plan().await?;
Ok(Self { Ok(Self {
planner: planner.boxed(), planner: planner.boxed(),
@ -62,6 +65,17 @@ impl InstallPlan {
diagnostic_data, diagnostic_data,
}) })
} }
pub async fn pre_uninstall_check(&self) -> Result<(), NixInstallerError> {
self.planner.pre_uninstall_check().await?;
Ok(())
}
pub async fn pre_install_check(&self) -> Result<(), NixInstallerError> {
self.planner.pre_install_check().await?;
Ok(())
}
#[tracing::instrument(level = "debug", skip_all)] #[tracing::instrument(level = "debug", skip_all)]
pub async fn describe_install(&self, explain: bool) -> Result<String, NixInstallerError> { pub async fn describe_install(&self, explain: bool) -> Result<String, NixInstallerError> {
let Self { let Self {
@ -143,6 +157,8 @@ impl InstallPlan {
cancel_channel: impl Into<Option<Receiver<()>>>, cancel_channel: impl Into<Option<Receiver<()>>>,
) -> Result<(), NixInstallerError> { ) -> Result<(), NixInstallerError> {
self.check_compatible()?; self.check_compatible()?;
self.planner.pre_install_check().await?;
let Self { actions, .. } = self; let Self { actions, .. } = self;
let mut cancel_channel = cancel_channel.into(); let mut cancel_channel = cancel_channel.into();
@ -313,6 +329,8 @@ impl InstallPlan {
cancel_channel: impl Into<Option<Receiver<()>>>, cancel_channel: impl Into<Option<Receiver<()>>>,
) -> Result<(), NixInstallerError> { ) -> Result<(), NixInstallerError> {
self.check_compatible()?; self.check_compatible()?;
self.planner.pre_uninstall_check().await?;
let Self { actions, .. } = self; let Self { actions, .. } = self;
let mut cancel_channel = cancel_channel.into(); let mut cancel_channel = cancel_channel.into();
let mut errors = vec![]; let mut errors = vec![];

View file

@ -38,18 +38,8 @@ impl Planner for Linux {
} }
async fn plan(&self) -> Result<Vec<StatefulAction<Box<dyn Action>>>, PlannerError> { async fn plan(&self) -> Result<Vec<StatefulAction<Box<dyn Action>>>, PlannerError> {
check_not_nixos()?;
check_nix_not_already_installed().await?;
check_not_wsl1()?;
let has_selinux = detect_selinux().await?; let has_selinux = detect_selinux().await?;
if self.init.init == InitSystem::Systemd && self.init.start_daemon {
check_systemd_active()?;
}
let mut plan = vec![]; let mut plan = vec![];
plan.push( plan.push(
@ -141,6 +131,29 @@ impl Planner for Linux {
self.settings.ssl_cert_file.clone(), self.settings.ssl_cert_file.clone(),
)?) )?)
} }
async fn pre_uninstall_check(&self) -> Result<(), PlannerError> {
check_not_wsl1()?;
if self.init.init == InitSystem::Systemd && self.init.start_daemon {
check_systemd_active()?;
}
Ok(())
}
async fn pre_install_check(&self) -> Result<(), PlannerError> {
check_not_nixos()?;
check_nix_not_already_installed().await?;
check_not_wsl1()?;
if self.init.init == InitSystem::Systemd && self.init.start_daemon {
check_systemd_active()?;
}
Ok(())
}
} }
impl Into<BuiltinPlanner> for Linux { impl Into<BuiltinPlanner> for Linux {
@ -150,7 +163,7 @@ impl Into<BuiltinPlanner> for Linux {
} }
// If on NixOS, running `nix_installer` is pointless // If on NixOS, running `nix_installer` is pointless
fn check_not_nixos() -> Result<(), PlannerError> { pub(crate) fn check_not_nixos() -> Result<(), PlannerError> {
// NixOS always sets up this file as part of setting up /etc itself: https://github.com/NixOS/nixpkgs/blob/bdd39e5757d858bd6ea58ed65b4a2e52c8ed11ca/nixos/modules/system/etc/setup-etc.pl#L145 // NixOS always sets up this file as part of setting up /etc itself: https://github.com/NixOS/nixpkgs/blob/bdd39e5757d858bd6ea58ed65b4a2e52c8ed11ca/nixos/modules/system/etc/setup-etc.pl#L145
if Path::new("/etc/NIXOS").exists() { if Path::new("/etc/NIXOS").exists() {
return Err(PlannerError::NixOs); return Err(PlannerError::NixOs);
@ -158,7 +171,7 @@ fn check_not_nixos() -> Result<(), PlannerError> {
Ok(()) Ok(())
} }
fn check_not_wsl1() -> Result<(), PlannerError> { pub(crate) fn check_not_wsl1() -> Result<(), PlannerError> {
// Detection strategies: https://patrickwu.space/wslconf/ // Detection strategies: https://patrickwu.space/wslconf/
if std::env::var("WSL_DISTRO_NAME").is_ok() && std::env::var("WSL_INTEROP").is_err() { if std::env::var("WSL_DISTRO_NAME").is_ok() && std::env::var("WSL_INTEROP").is_err() {
return Err(PlannerError::Wsl1); return Err(PlannerError::Wsl1);
@ -166,7 +179,7 @@ fn check_not_wsl1() -> Result<(), PlannerError> {
Ok(()) Ok(())
} }
async fn detect_selinux() -> Result<bool, PlannerError> { pub(crate) async fn detect_selinux() -> Result<bool, PlannerError> {
if Path::new("/sys/fs/selinux").exists() && which("sestatus").is_ok() { if Path::new("/sys/fs/selinux").exists() && which("sestatus").is_ok() {
// We expect systems with SELinux to have the normal SELinux tools. // We expect systems with SELinux to have the normal SELinux tools.
let has_semodule = which("semodule").is_ok(); let has_semodule = which("semodule").is_ok();
@ -181,7 +194,7 @@ async fn detect_selinux() -> Result<bool, PlannerError> {
} }
} }
async fn check_nix_not_already_installed() -> Result<(), PlannerError> { pub(crate) async fn check_nix_not_already_installed() -> Result<(), PlannerError> {
// For now, we don't try to repair the user's Nix install or anything special. // For now, we don't try to repair the user's Nix install or anything special.
if let Ok(_) = Command::new("nix-env") if let Ok(_) = Command::new("nix-env")
.arg("--version") .arg("--version")
@ -195,7 +208,7 @@ async fn check_nix_not_already_installed() -> Result<(), PlannerError> {
Ok(()) Ok(())
} }
fn check_systemd_active() -> Result<(), PlannerError> { pub(crate) fn check_systemd_active() -> Result<(), PlannerError> {
if !Path::new("/run/systemd/system").exists() { if !Path::new("/run/systemd/system").exists() {
if std::env::var("WSL_DISTRO_NAME").is_ok() { if std::env::var("WSL_DISTRO_NAME").is_ok() {
return Err(LinuxErrorKind::Wsl2SystemdNotActive)?; return Err(LinuxErrorKind::Wsl2SystemdNotActive)?;

View file

@ -3,8 +3,10 @@ use std::{collections::HashMap, io::Cursor, path::PathBuf};
#[cfg(feature = "cli")] #[cfg(feature = "cli")]
use clap::ArgAction; use clap::ArgAction;
use tokio::process::Command; use tokio::process::Command;
use which::which;
use super::ShellProfileLocations; use super::ShellProfileLocations;
use crate::planner::HasExpectedErrors;
use crate::{ use crate::{
action::{ action::{
@ -89,8 +91,6 @@ impl Planner for Macos {
} }
async fn plan(&self) -> Result<Vec<StatefulAction<Box<dyn Action>>>, PlannerError> { async fn plan(&self) -> Result<Vec<StatefulAction<Box<dyn Action>>>, PlannerError> {
ensure_not_running_in_rosetta().await?;
let root_disk = match &self.root_disk { let root_disk = match &self.root_disk {
root_disk @ Some(_) => root_disk.clone(), root_disk @ Some(_) => root_disk.clone(),
None => { None => {
@ -219,6 +219,18 @@ impl Planner for Macos {
self.settings.ssl_cert_file.clone(), self.settings.ssl_cert_file.clone(),
)?) )?)
} }
async fn pre_uninstall_check(&self) -> Result<(), PlannerError> {
check_nix_darwin_not_installed().await?;
Ok(())
}
async fn pre_install_check(&self) -> Result<(), PlannerError> {
check_not_running_in_rosetta()?;
Ok(())
}
} }
impl Into<BuiltinPlanner> for Macos { impl Into<BuiltinPlanner> for Macos {
@ -227,7 +239,30 @@ impl Into<BuiltinPlanner> for Macos {
} }
} }
async fn ensure_not_running_in_rosetta() -> Result<(), PlannerError> { async fn check_nix_darwin_not_installed() -> Result<(), PlannerError> {
let has_darwin_rebuild = which("darwin-rebuild").is_ok();
let has_darwin_option = which("darwin-option").is_ok();
let activate_system_present = Command::new("launchctl")
.arg("print")
.arg("system/org.nixos.activate-system")
.process_group(0)
.stdin(std::process::Stdio::null())
.stdout(std::process::Stdio::null())
.stderr(std::process::Stdio::null())
.status()
.await
.map(|v| v.success())
.unwrap_or(false);
if activate_system_present || has_darwin_rebuild || has_darwin_option {
return Err(MacosError::UninstallNixDarwin).map_err(|e| PlannerError::Custom(Box::new(e)));
};
Ok(())
}
fn check_not_running_in_rosetta() -> Result<(), PlannerError> {
use sysctl::{Ctl, Sysctl}; use sysctl::{Ctl, Sysctl};
const CTLNAME: &str = "sysctl.proc_translated"; const CTLNAME: &str = "sysctl.proc_translated";
@ -246,3 +281,18 @@ async fn ensure_not_running_in_rosetta() -> Result<(), PlannerError> {
Ok(()) Ok(())
} }
#[non_exhaustive]
#[derive(thiserror::Error, Debug)]
pub enum MacosError {
#[error("`nix-darwin` installation detected, it must be removed before uninstalling Nix. Please refer to https://github.com/LnL7/nix-darwin#uninstalling for instructions how to uninstall `nix-darwin`.")]
UninstallNixDarwin,
}
impl HasExpectedErrors for MacosError {
fn expected<'a>(&'a self) -> Option<Box<dyn std::error::Error + 'a>> {
match self {
this @ MacosError::UninstallNixDarwin => Some(Box::new(this)),
}
}
}

View file

@ -144,6 +144,14 @@ pub trait Planner: std::fmt::Debug + Send + Sync + dyn_clone::DynClone {
Box::new(self) Box::new(self)
} }
async fn pre_uninstall_check(&self) -> Result<(), PlannerError> {
Ok(())
}
async fn pre_install_check(&self) -> Result<(), PlannerError> {
Ok(())
}
#[cfg(feature = "diagnostics")] #[cfg(feature = "diagnostics")]
async fn diagnostic_data(&self) -> Result<crate::diagnostics::DiagnosticData, PlannerError>; async fn diagnostic_data(&self) -> Result<crate::diagnostics::DiagnosticData, PlannerError>;
} }
@ -415,6 +423,10 @@ impl HasExpectedErrors for PlannerError {
if let Some(err) = _e.downcast_ref::<linux::LinuxErrorKind>() { if let Some(err) = _e.downcast_ref::<linux::LinuxErrorKind>() {
return err.expected(); return err.expected();
} }
#[cfg(target_os = "macos")]
if let Some(err) = _e.downcast_ref::<macos::MacosError>() {
return err.expected();
}
None None
}, },
this @ PlannerError::NixOs => Some(Box::new(this)), this @ PlannerError::NixOs => Some(Box::new(this)),

View file

@ -398,6 +398,28 @@ impl Planner for SteamDeck {
self.settings.ssl_cert_file.clone(), self.settings.ssl_cert_file.clone(),
)?) )?)
} }
async fn pre_uninstall_check(&self) -> Result<(), PlannerError> {
super::linux::check_not_wsl1()?;
// Unlike the Linux planner, the steam deck planner requires systemd
super::linux::check_systemd_active()?;
Ok(())
}
async fn pre_install_check(&self) -> Result<(), PlannerError> {
super::linux::check_not_nixos()?;
super::linux::check_nix_not_already_installed().await?;
super::linux::check_not_wsl1()?;
// Unlike the Linux planner, the steam deck planner requires systemd
super::linux::check_systemd_active()?;
Ok(())
}
} }
impl Into<BuiltinPlanner> for SteamDeck { impl Into<BuiltinPlanner> for SteamDeck {